3 matches found
Code injection
Microsoft Windows does not properly enforce the Autorun and NoDriveTypeAutoRun registry values, which allows physically proximate attackers to execute arbitrary code by 1 inserting CD-ROM media, 2 inserting DVD media, 3 connecting a USB device, and 4 connecting a Firewire device; 5 allows...
PT-2009-2915 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue allows attackers to execute arbitrary code through various means, including inserting CD-ROM or DVD media, connecting a USB or Firewire device, mapping a network drive, ...
CVE-2008-0951
Microsoft Windows Vista does not properly enforce the NoDriveTypeAutoRun registry value, which allows user-assisted remote attackers, and possibly physically proximate attackers, to execute arbitrary code by inserting a 1 CD-ROM device or 2 U3-enabled USB device containing a filesystem with an...